ExamTopics Logo
Mail Us[email protected]
Menu
Isc Discussions
exam questions

Exam CSSLP All Questions

View all questions & answers for the CSSLP exam
Go to Exam

Exam CSSLP topic 2 question 74 discussion

Actual exam question from ISC's CSSLP
Question #: 74
Topic #: 2
[All CSSLP Questions]

Which of the following methods can be helpful to eliminate social engineering threat? Each correct answer represents a complete solution. Choose three.

  • A. Password policies
  • B. Data classification
  • C. Data encryption
  • D. Vulnerability assessments
Show Suggested Answer Hide Answer
Suggested Answer: ABD 🗳️
The following methods can be helpful to eliminate social engineering threat: Password policies Vulnerability assessments Data classification
Password policy should specify that how the password can be shared. Company should implement periodic penetration and vulnerability assessments. These assessments usually consist of using known hacker tools and common hacker techniques to breach a network security. Social engineering should also be used for an accurate assessment. Since social engineers use the knowledge of others to attain information, it is essential to have a data classification model in place that all employees know and follow. Data classification assigns level of sensitivity of company information. Each classification level specifies that who can view and edit data, and how it can be shared.
by 74gjd_37 at Oct. 1, 2023, 7:38 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
74gjd_37
5 months, 2 weeks ago
Selected Answer: ABC
The following methods can be helpful to eliminate social engineering threat: A. Password policies B. Data classification C. Data encryption So the correct answer is A, B and C. Password policies can help prevent attackers from using password-based social engineering attacks such as phishing scams to gain access to sensitive information systems. Data Classification can also aid in mitigating social engineering threats by helping organizations identify their most valuable data assets and creating specific access controls based on a user's need-to-know basis. Finally, data encryption not only makes it harder for an attacker to decipher messages but reduces opportunities for potential malicious actors who might try impersonation techniques like falsely representing company executives' communication without being detected easily during transmission over unencrypted channels.
upvoted 1 times
74gjd_37
5 months, 2 weeks ago
While vulnerability assessments are essential tools that should always be completed regularly, they cannot alone eliminate all forms of risk induced by humans via specially tailored attacks using principals of flattery along with shameless confidence tricks that rely upon bypassing standard security measures designed purely from technology-focused approaches rather than human-focused elements like Behavior Analytics which could help reduce susceptibility factors related to social engineering activities.
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago